# AdwCleaner v6.030 - Logbestand aangemaakt 06/11/2016 op 19:18:58 # *Updated on 19/10/2016 by Malwarebytes # Gebruik lokale database : 2016-11-05.1 [*Server] # Besturingssysteem : Windows 10 Home (X64) # Gebruikersnaam : Gebruiker - PETER # Gestart vanuit : C:\Users\Gebruiker\Downloads\adwcleaner_6.030.exe # *Mode: Scan # Ondersteuning : https://www.malwarebytes.com/support ***** [ *Services ] ***** Service Amazon 1Button App Service ***** [ Mappen ] ***** gevonden C:\Program Files (x86)\00000000-1478290393-0000-0000-D43D7EF69622 gevonden C:\Users\Gebruiker\AppData\Local\00000000-1478294110-0000-0000-D43D7EF69622 gevonden C:\Users\Gebruiker\AppData\Local\Amazon Browser Settings gevonden C:\Users\Gebruiker\AppData\Roaming\SpringFiles gevonden C:\ProgramData\Solvusoft gevonden C:\ProgramData\Application Data\Solvusoft gevonden C:\Program Files (x86)\Amazon Browser Settings gevonden C:\Program Files (x86)\myfree codec ***** [ Bestanden ] ***** gevonden C:\Users\Gebruiker\Documents\Allin1Convert.exe gevonden C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url gevonden C:\END ***** [ DLL ] ***** *No malicious DLLs found. ***** [ WMI ] ***** *No malicious keys found. ***** [ Snelkoppelingen ] ***** Zoeken naar bestanden ... ***** [ Geplande taken ] ***** *No malicious task found. 
***** [ Register ] ***** gevonden HKLM\SOFTWARE\Classes\UCHTML gevonden HKLM\SOFTWARE\Classes\UCHTML.AssocFile.CRX gevonden HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTM gevonden HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTML gevonden HKLM\SOFTWARE\Classes\UCHTML.AssocFile.MHT gevonden HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTM gevonden HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTML gevonden HKLM\SOFTWARE\Classes\UCHTML.AssocFile.WEBP gevonden HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHT gevonden HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHTML gevonden HKLM\SOFTWARE\Classes\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO gevonden HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime gevonden HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer gevonden HKLM\SOFTWARE\Classes\AmazonAppIE.AppGateway gevonden HKLM\SOFTWARE\Classes\AmazonAppIE.GadgetGateway gevonden [x64] HKLM\SOFTWARE\Classes\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO gevonden [x64] HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime gevonden [x64] HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer gevonden [x64] HKLM\SOFTWARE\Classes\AmazonAppIE.AppGateway gevonden [x64] HKLM\SOFTWARE\Classes\AmazonAppIE.GadgetGateway gevonden HKLM\SOFTWARE\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B} gevonden HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8} gevonden HKLM\SOFTWARE\Classes\CLSID\{8FF10FED-2F0A-4F7F-BE87-B04F1DCD4319} gevonden HKLM\SOFTWARE\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8} gevonden HKLM\SOFTWARE\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE} gevonden HKLM\SOFTWARE\Classes\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502} gevonden HKLM\SOFTWARE\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450} gevonden HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769} gevonden HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE} Waarde 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] Waarde HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}] gevonden HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} gevonden HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B} gevonden HKU\S-1-5-21-3575262360-258679368-1463809348-1001\Software\distromatic gevonden HKU\S-1-5-21-3575262360-258679368-1463809348-1001\Software\gameo gevonden HKU\S-1-5-21-3575262360-258679368-1463809348-1001\Software\GoldenGate gevonden HKU\S-1-5-21-3575262360-258679368-1463809348-1001\Software\Linkey gevonden HKU\S-1-5-21-3575262360-258679368-1463809348-1001\Software\Microsoft\Tinstalls gevonden HKU\S-1-5-21-3575262360-258679368-1463809348-1001\Software\PRODUCTSETUP gevonden HKU\S-1-5-21-3575262360-258679368-1463809348-1001\Software\Snoozer gevonden HKU\S-1-5-21-3575262360-258679368-1463809348-1001\Software\Tutorials gevonden HKU\S-1-5-21-3575262360-258679368-1463809348-1001\Software\TutoTag gevonden HKU\S-1-5-21-3575262360-258679368-1463809348-1001\Software\Wincy gevonden HKU\S-1-5-21-3575262360-258679368-1463809348-1001\Software\MICROSOFT\OTUT gevonden HKU\S-1-5-21-3575262360-258679368-1463809348-1001\Software\SrpnFiles gevonden HKU\S-1-5-21-3575262360-258679368-1463809348-1001\Software\SimpleNewTab gevonden HKU\S-1-5-21-3575262360-258679368-1463809348-1001\Software\UCBrowser gevonden HKU\S-1-5-21-3575262360-258679368-1463809348-1001\Software\UCBrowserPID gevonden HKU\S-1-5-21-3575262360-258679368-1463809348-1001\Software\SNDA gevonden HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3575262360-258679368-1463809348-1001\Software\ScanTack gevonden HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3575262360-258679368-1463809348-1001\Software\Surftastic gevonden 
HKU\S-1-5-18\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} gevonden HKU\S-1-5-18\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B} gevonden HKCU\Software\distromatic gevonden HKCU\Software\gameo gevonden HKCU\Software\GoldenGate gevonden HKCU\Software\Linkey gevonden HKCU\Software\Microsoft\Tinstalls gevonden HKCU\Software\PRODUCTSETUP gevonden HKCU\Software\Snoozer gevonden HKCU\Software\Tutorials gevonden HKCU\Software\TutoTag gevonden HKCU\Software\Wincy gevonden HKCU\Software\MICROSOFT\OTUT gevonden HKCU\Software\SrpnFiles gevonden HKCU\Software\SimpleNewTab gevonden HKCU\Software\UCBrowser gevonden HKCU\Software\UCBrowserPID gevonden HKCU\Software\SNDA gevonden HKLM\SOFTWARE\Linkey gevonden HKLM\SOFTWARE\Tutorials gevonden HKLM\SOFTWARE\Universal gevonden HKLM\SOFTWARE\SrpnFiles gevonden HKLM\SOFTWARE\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154} gevonden HKLM\SOFTWARE\UCBrowser gevonden HKLM\SOFTWARE\UCBrowserPID gevonden HKLM\SOFTWARE\youndooSoftware gevonden HKLM\SOFTWARE\OtherSearch gevonden HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Assistant gevonden HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B6DCCCD3-520D-4485-B642-FCC136CE12C3} gevonden [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3575262360-258679368-1463809348-1001\Software\ScanTack gevonden [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3575262360-258679368-1463809348-1001\Software\Surftastic gevonden [x64] HKCU\Software\distromatic gevonden [x64] HKCU\Software\gameo gevonden [x64] HKCU\Software\GoldenGate gevonden [x64] HKCU\Software\Linkey gevonden [x64] HKCU\Software\Microsoft\Tinstalls gevonden [x64] HKCU\Software\PRODUCTSETUP gevonden [x64] HKCU\Software\Snoozer gevonden [x64] HKCU\Software\Tutorials gevonden [x64] HKCU\Software\TutoTag gevonden [x64] HKCU\Software\Wincy gevonden [x64] HKCU\Software\MICROSOFT\OTUT gevonden [x64] HKCU\Software\SrpnFiles 
gevonden [x64] HKCU\Software\SimpleNewTab gevonden [x64] HKCU\Software\UCBrowser gevonden [x64] HKCU\Software\UCBrowserPID gevonden [x64] HKCU\Software\SNDA gevonden [x64] HKLM\SOFTWARE\Linkey gevonden HKLM\SOFTWARE\Classes\Installer\Features\3DCCCD6BD02558446B24CF1C63EC213C gevonden HKLM\SOFTWARE\Classes\Installer\Products\3DCCCD6BD02558446B24CF1C63EC213C gevonden [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C gevonden [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C gevonden [x64] HKLM\SOFTWARE\Classes\Installer\Features\3DCCCD6BD02558446B24CF1C63EC213C gevonden [x64] HKLM\SOFTWARE\Classes\Installer\Products\3DCCCD6BD02558446B24CF1C63EC213C gevonden HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\apple.vshare.com gevonden HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\castplatform.com gevonden HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ccleaner.nl.softo gevonden HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cdn.castplatform. 
gevonden HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\apple.vshare.com gevonden HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\castplatform.com gevonden HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ccleaner.nl.softonic gevonden HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cdn.castplatform.com gevonden [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\apple.vshare.co gevonden [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\castplatform.co gevonden [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ccleaner.nl.sof gevonden [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cdn.castplatfor gevonden [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\apple.vshare.com gevonden [x64] HKCU\Software\Classes\Local 
Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\castplatform.com gevonden [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ccleaner.nl.softon gevonden [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cdn.castplatform.c Waarde [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [CrashMon] Waarde HKU\S-1-5-21-3575262360-258679368-1463809348-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [DataMgr] Waarde HKU\S-1-5-21-3575262360-258679368-1463809348-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [FixMyRegistry] Waarde HKU\S-1-5-21-3575262360-258679368-1463809348-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Intermediate] Waarde HKU\S-1-5-21-3575262360-258679368-1463809348-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [scheck] Waarde HKU\S-1-5-21-3575262360-258679368-1463809348-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Snoozer] Waarde HKU\S-1-5-21-3575262360-258679368-1463809348-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [SpeedUpMyComputer] Waarde HKU\S-1-5-21-3575262360-258679368-1463809348-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [ssync] gevonden HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E} gevonden HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24} gevonden HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6} gevonden HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9} gevonden 
HKLM\SOFTWARE\Clients\StartMenuInternet\UCBrowser gevonden HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\UCBrowser.exe Waarde HKLM\SOFTWARE\RegisteredApplications [UCBrowser] gevonden HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\UCBrowser.exe gevonden HKCU\Software\Google\Chrome\Extensions\bmkckgpgekmanipelfidlhmkfcjicion gevonden [x64] HKCU\Software\Google\Chrome\Extensions\bmkckgpgekmanipelfidlhmkfcjicion ***** [ Internetbrowsers ] ***** Zoeken naar register-items ... *Chromium pref Found: [C:\Users\Gebruiker\AppData\Local\Chromium\User Data\Default\Web data] - search provided by yahoo *Chromium pref Found: [C:\Users\Gebruiker\AppData\Local\Chromium\User Data\Default\Secure Preferences] - hxxp://nl.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_secureddownload_15_30&param1=1& *Chromium pref Found: [C:\Users\Gebruiker\AppData\Local\Chromium\User Data\Default\Secure Preferences ] - hxxps://nl.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_secureddownload_15_30&param1=1&par ************************* C:\AdwCleaner\AdwCleaner[R0].txt - [1809 bytes] - [23/03/2015 13:25:10] C:\AdwCleaner\AdwCleaner[S0].txt - [1746 bytes] - [23/03/2015 13:28:11] C:\AdwCleaner\AdwCleaner[S1].txt - [14135 bytes] - [06/11/2016 19:18:58] ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [14209 bytes] ##########